COMPARISON OF OPERATING SYSTEM SECURITY –

WINDOWS VS LINUX

TECHNO INTERNATIONAL NEW TOWN

NAME :- MINU CHOUDHARY.

DEPARTMENT :- CSBS.
ROLL.NO :- 18731121022.
SEMESTER :- 6TH (CA # 1).

YEAR :- 3RD .
SUBJECT :- OPERATING SYSTEMS.
PAPER CODE :- PCC-CSBS 602.

DATE OF SUBMISSION :- 28TH JANUARY.

 WHAT IS AN OPERATING SYSTEM?
An operating system, also called OS, is a collection of system programs, tools, and
utilities that manage computer hardware resources and offer common services for
client application software [1]. The operating system is the first program to execute
upon booting a computer and is thus considered the most vital type of system software.
An operating system runs users’ application programs and provides them a suitable
interface to interact with the computer hardware. It is additionally responsible for
carrying out other tasks including but not limited to spawning processes, creating
threads, allocating primary memory to various applications, managing data storage,
controlling input and output peripherals, hosting device drivers, and delivering multi-
level secure execution platform. Generally, an operating system is deployed in any
system where there is a need for multi-tasking. Also, there is a need for interfaces that
allow the user to interact with the system and its applications. Nowadays, an operating
system is expected to appear with a GUI interface that allows the users to enjoy a best-
in-class user experience while using the system. Some examples of well-known OS
include Windows, Linux, and macOS.

Microsoft Windows and Linux are two of the most renowned operating systems
that have a widespread use in every computer-related field.
 SECURITY COMPARISON OF WINDOWS VS LINUX

WINDOWS
The Windows security model is a collection of user-mode and kernel-mode processes
that deliver, monitor, and manage the different OS security components, and
coordinates among them.

1. Security Reference Monitor (SRM)

SRM is a component running in kernel mode (c:\windows\system32\Ntoskrnl.exe) that

enforces security policies on the local computer. It guards the various operating
system resources by performing run-time object protection and auditing, and
manipulating security privileges often know as user rights.

2. Local Security Authority Subsystem (Lsass)

Lsass is a user-mode process (c:\Windows\System32 \Lsass.exe) that is responsible for

the local system security policy, user authentication, and sending security audit
messages to the event log. Actually, Lsass implements most of its functionalities in a
dynamic-link library (c:\Windows \System32\Lsasrv.dll).
3. Lsass Policy Database

It is a database that contains the local system security policy settings. This
database is stored in the registry under HKLM\SECURITY. It includes such
information as what domains are entrusted to authenticate logon attempts, who
has permission to access the system and how (interactive, network, and service
logons), who is assigned which privileges, and what kind of security auditing can
be performed.

4. Security Accounts Manager (SAM)

SAM is a combination of a service and a database. The SAM service is a set of

subroutines responsible for managing the database that contains the usernames and
groups defined on the local machine. It is implemented as a dynamic-link library
(\Windows\System32\Samsrv.dll), and runs in the Lsass process. On the other hand, the
SAM database is used on systems not functioning as domain controllers and contains
the defined local users and groups, along with their passwords and other attributes. The
SAM database is stored in the registry under HKLM\SAM.
5. Active Directory

It is a directory service that contains a database to store information about objects in a

domain. A domain is a collection of computers and their associated security groups that
are managed as a single entity. The Active Directory stores information about the
objects in the domain, including users, groups, computers, passwords, and privileges.
The Active Directory server is implemented as \Windows\System32\Ntdsa.dll, and runs
in the Lsass process.

6. Network Logon Service (Netlogon)

It is a Windows service (\Windows\System32\Netlogon.dll) that supports authentication

of account logon events in a domain. It additionally verifies logon requests, and
registers, authenticates, and discovers domain controllers.

7. Authentication Packages
They are dynamic-link libraries (DLLs) that run in the context of the Lsass process and
implement the Windows authentication policy. An authentication DLL is responsible for
checking whether a given username and password match, and if so, returning to Lsass
the information detailing the user's security identity. The Windows authentication
packages include Kerberos and MSV1_0.
8. Logon Process (Winlogon)

It is a user-mode process (\Windows\System32\Winlogon. exe) that is responsible for

responding to the Lsass and for managing interactive logon sessions. Winlogon creates
a GUI user's shell process when a user logs on.

9. Graphical Identification and Authentication (GINA)

It is a user-mode DLL that runs in the Winlogon process and that Winlogon uses to
obtain a username and password or smart card PIN. The GINA standard library is
located at \Winnt\System32\Msgina.dll.
LINUX
The Linux security model is a collection of several active processes, daemon services,
and libraries that provide a secure framework for the Linux kernel to work in.

1. PAM Library

The Pluggable Authentication Modules (PAM) library provides the necessary interface
and functions for developing PAM-aware applications. The PAM library is essential to
allow the authentication of users in the Linux operating system.

2. PAM Configuration File

It is a text file where the system administrator can specify which authentication
scheme is used for a particular application. On the Linux system, this configuration
information can be stored either in a file under the /etc/pam directory or as a line in
the /etc/conf configuration file. Upon the initialization of the PAM library, The PAM
configuration file is read so as to load the corresponding authentication modules .
3. Authentication Module It is a module containing several authentication
procedures, used for creating authentication credentials, authenticating users, and
HEAD – TO - HEAD
granting privileges to authenticated users.
COMPARISON
4. Account Management Module
Although both systems have their own standards
It manages user accounts and establishes whether an authenticated user is permitted to and design, they are both modularized in a way
gain access to the system. It creates login session after a successful authentication and is that their security components are sort of
responsible for validating the expiration date of the username and/or password.
independent services and processes working in
5. Password Management Module the kernel mode and in the user mode. These
processes are used by the operating system to
It handles and manages users’ passwords including setting, resetting, and changing
accomplish a specific task such as
passwords.
authentication, logging, enforcing policies, and

6. Session Management Module account management. Such modularization

makes the system more stable and easier to be
It manages the beginning and the end of a login session. It also deals with creating the
updated and extended.
appropriate log entries for every initialized session.
 CONCLUSION

In my opinion, no OS is better than the other. However, both are

unique and serve their best to specific user requirements and
market needs. Both the OS have different marketing target.

Why is Linux Faster than Windows?

Linux offers great speed and security, on the other hand,

Windows offers great ease of use, so that even non-tech-savvy
people can work easily on personal computers.
Linux is employed by many corporate organizations as servers
and OS for security purpose while Windows is mostly employed
by business users and gamers. Talking about cost, there are a lot
of factors into the picture when we compare the cost of these
two OS.
There are many reasons for Linux being generally
faster than windows. Firstly, Linux is very lightweight
while Windows is fatty. In windows, a lot of programs
run in the background and they eat up the RAM.
Secondly, in Linux, the file system is very much
organized. Files are located in chunks which are very
close to each other. This makes the read-write
operations very fast. On the other hand, Windows is
dumpster and files are present all over the place.

We can’t make a gross generalization that Linux is totally free or

cheaper than Windows. Linux’s license cost is zero, but we do
have infrastructure cost, software support cost and IT staffing
cost for both Windows and Linux.
THANKING YOU